No 'Access-Control-Allow-Origin' header is present on the requested resource.

josephwoodward / GlobalExceptionHandlerDotNet

Exception handling as a convention in the ASP.NET Core request pipeline

MIT License

272 stars 32 forks source link

No 'Access-Control-Allow-Origin' header is present on the requested resource. #11

Closed mikebridge closed 6 years ago

mikebridge commented 6 years ago

When I set up CORS it correctly adds Access-Control headers to non-erroring API responses. However, they aren't generated on an unhandled error that passes through GlobalExceptionHandlerDotNet.

Is there something else I need to do to set the proper response headers?

slang25 commented 6 years ago

You'll need to call .UseCors(... before app.UseExceptionHandler().WithConventions(..., could you just confirm this is the case.

paulvanbladel commented 6 years ago

Same problem here, Cors will remove the response. See: https://github.com/aspnet/CORS/issues/90

slang25 commented 6 years ago

Nice find. There's a workaround in that issue where you can add a MaintainCorsHeader middleware to restore the headers that are removed, obviously not ideal. Hopefully they will fix this soon.

mikebridge commented 6 years ago

@paulvanbladel Thanks, adding a MaintainCorsHeader middleware to put the headers back was the only thing that worked for me.

Regardless, it doesn't seem to be a problem with GlobalExceptionHandler.